A coalition of U.S. agencies and allied governments has revealed that three private Chinese companies were involved in a large-scale hacking operation known as Salt Typhoon, targeting telecommunication companies globally, including AT&T and Verizon. The operation, active since 2021, allowed China to potentially access communications, including text messages, from millions of people, and track their locations, while also targeting government, transportation, and military infrastructure networks. The FBI, NSA, and CISA, along with international partners, signed a report that detailed that the campaign has hacked over 200 companies across 80 countries. The identified companies, Beijing Huanyu Tianqiong Information Technology, Sichuan Zhixin Ruijie Network Technology, and Sichuan Juxinhe Network Technology, were reportedly acting on behalf of China’s Ministry of State Security.
Read More
The Associated Press is a global news organization committed to factual reporting. Established in 1846, AP continues to be a highly trusted source for unbiased news delivery across all formats. AP also provides essential technology and services critical to the news industry. Consequently, over half the world’s population consumes AP journalism on a daily basis.
Read More
The Norwegian Police Security Service (PST) has officially attributed a cyberattack on a hydropower dam in Bremanger to Russia, marking the first time Oslo has formally accused Moscow. The attack, which occurred in April, allowed water to flow unnoticed for four hours, releasing 500 liters per second. PST’s head stated the incident exemplifies a shift in activity from pro-Russian cyber actors aimed at creating fear and chaos. Although no injuries or damage resulted, the PST is warning that Russian intelligence services are actively attempting to gather information and recruit contacts within Norway.
Read More
During a press event at the Kennedy Center, President Trump addressed a report detailing Russia’s involvement in hacking the U.S. federal court case document system. Trump acknowledged Russia’s hacking capabilities, stating they are proficient at it, but that the U.S. is “actually better at it.” He mentioned he “could” address the hack in an upcoming meeting with Russian President Vladimir Putin. The New York Times reported that evidence points to a Russian entity compromising the system, potentially accessing sensitive information, including sealed records and national security cases.
Read More
St. Paul, Minnesota, has been targeted in a “deliberate, coordinated, digital attack” resulting in the deployment of the National Guard, including its cyber protection component, after the city’s response capacity was exceeded. The city responded by shutting down its information systems, causing disruptions to city services, while emergency services remained operational. The city has hired cybersecurity firms and is working with the FBI to investigate the nature of the attack, which may be ransomware, and determine what data was accessed or stolen. City employees are advised to take measures to secure their digital information.
Read More
Chenguang Gong, a dual citizen engineer, has pleaded guilty to stealing thousands of trade secrets, including sensitive military technology. The 59-year-old admitted to downloading over 3,600 documents related to infrared sensors and radiation-hardened cameras, crucial components for aircraft and satellite surveillance. Gong transferred the files to personal storage devices, even after accepting a new job at a direct competitor. His actions were discovered after his former employer audited his activities and contacted the FBI, leading to his arrest and the potential for a decade-long prison sentence.
Read More
Clorox has filed a lawsuit against Cognizant, alleging the IT provider’s negligence led to a significant cyberattack in 2023. The lawsuit claims hackers, identified as the Scattered Spider group, gained access by simply requesting employee passwords from Cognizant’s service desk. According to the suit, Cognizant staff provided credentials without proper verification, leading to a breach that caused $380 million in damages due to remedial costs and disrupted product shipments. Clorox also cited additional failures by Cognizant in containing the attack, further contributing to the severity of the situation.
Read More
Cybersecurity experts are cautioning the public about a recent breach of a US state’s National Guard network by the Salt Typhoon cyber espionage group. The DoD revealed the group maintained access for almost a year, potentially accessing sensitive military and law enforcement data, including administrator credentials and network diagrams. This data theft included configuration files for critical national infrastructure organizations and state government agencies, raising concerns about potential follow-on attacks. The incident, part of a larger campaign linked to Chinese-backed hackers, highlights the group’s proficiency and the urgent need for improved cybersecurity measures, including Zero Trust adoption and breach containment strategies across all US government networks.
Read More
An Iran-linked hacking group has threatened to release a trove of emails allegedly stolen from Donald Trump’s aides, including Roger Stone and Susie Wiles, according to Reuters. The group, which previously released emails during the 2024 presidential campaign, claims to possess approximately 100 gigabytes of data. U.S. officials, including CISA, have condemned the threat as a “calculated smear campaign” and warned of consequences for those involved in the potential national security breach. The hackers’ motive shifted after Trump’s intervention in the Iran-Israel crisis and the release of information to news outlets.
Read More
This week, several Dutch government websites experienced temporary outages due to coordinated DDoS attacks. The attacks, claimed by pro-Russian hackers, targeted municipal portals, hindering access to public information and services. Although online services were disrupted, no internal systems were breached, or sensitive data compromised. The incidents, part of a broader Russian strategy of digital disruption, aimed to test defenses and undermine public confidence in digital infrastructure. The Dutch government is reviewing cybersecurity protocols while advising municipalities to bolster web protections and explore alternative communication methods.
Read More
John Q. Hosedrinker